Security Advisory

CVE-2015-1176

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-01-23 15:00:00

Last updated 2024-08-06 04:33:20

Assigner mitre

State PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action.

← Browse all CVEs View on cve.org ↗